Diffstat (limited to 'src')
-rw-r--r-- | src/login/ldap_provider.rs | 7 | ||||
-rw-r--r-- | src/login/static_provider.rs | 6 | ||||
-rw-r--r-- | src/storage/garage.rs | 49 |
3 files changed, 48 insertions, 14 deletions
diff --git a/src/login/ldap_provider.rs b/src/login/ldap_provider.rs index e73e1dc..42c993d 100644 --- a/src/login/ldap_provider.rs +++ b/src/login/ldap_provider.rs @@ -21,6 +21,7 @@ pub struct LdapLoginProvider { storage_specific: StorageSpecific, in_memory_store: storage::in_memory::MemDb, + garage_store: storage::garage::GarageRoot, } enum BucketSource { @@ -91,7 +92,11 @@ impl LdapLoginProvider { mail_attr: config.mail_attr, crypto_root_attr: config.crypto_root_attr, storage_specific: specific, + //@FIXME should be created outside of the login provider + //Login provider should return only a cryptoroot + a storage URI + //storage URI that should be resolved outside... in_memory_store: storage::in_memory::MemDb::new(), + garage_store: storage::garage::GarageRoot::new(), }) } @@ -114,7 +119,7 @@ impl LdapLoginProvider { BucketSource::Attr(a) => get_attr(user, &a)?, }; - storage::garage::GarageBuilder::new(storage::garage::GarageConf { + self.garage_store.user(storage::garage::GarageConf { region: from_config.aws_region.clone(), s3_endpoint: from_config.s3_endpoint.clone(), k2v_endpoint: from_config.k2v_endpoint.clone(), diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs index 1e1ecbf..e190a91 100644 --- a/src/login/static_provider.rs +++ b/src/login/static_provider.rs @@ -25,6 +25,7 @@ pub struct UserDatabase { pub struct StaticLoginProvider { user_db: watch::Receiver<UserDatabase>, in_memory_store: storage::in_memory::MemDb, + garage_store: storage::garage::GarageRoot, } pub async fn update_user_list(config: PathBuf, up: watch::Sender<UserDatabase>) -> Result<()> { @@ -84,6 +85,7 @@ impl StaticLoginProvider { Ok(Self { user_db: rx, in_memory_store: storage::in_memory::MemDb::new(), + garage_store: storage::garage::GarageRoot::new(), }) } } 
@@ -109,7 +111,7 @@ impl LoginProvider for StaticLoginProvider { let storage: storage::Builder = match &user.config.storage { StaticStorage::InMemory => self.in_memory_store.builder(username).await, StaticStorage::Garage(grgconf) => { - storage::garage::GarageBuilder::new(storage::garage::GarageConf { + self.garage_store.user(storage::garage::GarageConf { region: grgconf.aws_region.clone(), k2v_endpoint: grgconf.k2v_endpoint.clone(), s3_endpoint: grgconf.s3_endpoint.clone(), @@ -140,7 +142,7 @@ impl LoginProvider for StaticLoginProvider { let storage: storage::Builder = match &user.config.storage { StaticStorage::InMemory => self.in_memory_store.builder(&user.username).await, StaticStorage::Garage(grgconf) => { - storage::garage::GarageBuilder::new(storage::garage::GarageConf { + self.garage_store.user(storage::garage::GarageConf { region: grgconf.aws_region.clone(), k2v_endpoint: grgconf.k2v_endpoint.clone(), s3_endpoint: grgconf.s3_endpoint.clone(), diff --git a/src/storage/garage.rs b/src/storage/garage.rs index 709e729..870854a 100644 --- a/src/storage/garage.rs +++ b/src/storage/garage.rs 
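Review bot: The `storage::garage::GarageConf { region: grgconf.aws_region.clone(), k2v_endpoint: …, s3_endpoint: … }` literal passed to `self.garage_store.user(...)` is written out twice in `static_provider.rs`, once in each `StaticStorage::Garage(grgconf)` arm (this hunk and the one at `-140,7 +142,7`). That struct carries the storage access key (the `build` hunk in `garage.rs` reads `self.conf.aws_access_key_id`), so a single private helper that takes `grgconf` and returns the `GarageConf` would keep the field mapping in one place and stop the two login paths drifting apart. Both match arms continue past the end of their hunks, so the remaining fields are not visible here.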
@@ -1,7 +1,38 @@ use crate::storage::*; use aws_sdk_s3::{self as s3, error::SdkError, operation::get_object::GetObjectError}; +use aws_smithy_runtime::client::http::hyper_014::HyperClientBuilder; +use aws_smithy_runtime_api::client::http::SharedHttpClient; +//use hyper_rustls::HttpsConnector; +//use hyper_util::client::legacy::connect::HttpConnector; + + use serde::Serialize; +pub struct GarageRoot { + aws_http: SharedHttpClient, +} + +impl GarageRoot { + pub fn new() -> Self { + /*let http = hyper_rustls::HttpsConnectorBuilder::new() + .https_or_http() + .with_native_roots() + .enable_http1() + .enable_http2() + .build();*/ + let aws_http = HyperClientBuilder::new().build_https(); + Self { aws_http } + } + + pub fn user(&self, conf: GarageConf) -> anyhow::Result<Arc<GarageUser>> { + let mut unicity: Vec<u8> = vec![]; + unicity.extend_from_slice(file!().as_bytes()); + unicity.append(&mut rmp_serde::to_vec(&conf)?); + + Ok(Arc::new(GarageUser { conf, aws_http: self.aws_http.clone(), unicity })) + } +} + #[derive(Clone, Debug, Serialize)] pub struct GarageConf { pub region: String, @@ -12,23 +43,18 @@ pub struct GarageConf { pub bucket: String, } +//@FIXME we should get rid of this builder +//and allocate a S3 + K2V client only once per user +//(and using a shared HTTP client) #[derive(Clone, Debug)] -pub struct GarageBuilder { +pub struct GarageUser { conf: GarageConf, + aws_http: SharedHttpClient, unicity: Vec<u8>, } -impl GarageBuilder { - pub fn new(conf: GarageConf) -> anyhow::Result<Arc<Self>> { - let mut unicity: Vec<u8> = vec![]; - unicity.extend_from_slice(file!().as_bytes()); - unicity.append(&mut rmp_serde::to_vec(&conf)?); - Ok(Arc::new(Self { conf, unicity })) - } -} - #[async_trait] -impl IBuilder for GarageBuilder { +impl IBuilder for GarageUser { async fn build(&self) -> Result<Store, StorageError> { let s3_creds = s3::config::Credentials::new( self.conf.aws_access_key_id.clone(), 
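Review bot: In `GarageRoot::user` (hunk `-1,7 +1,38`), `unicity` is the raw `rmp_serde::to_vec(&conf)` encoding of the whole `GarageConf`, and `build` reads `self.conf.aws_access_key_id` from that same struct, so the access key id (and presumably the secret key, which is not visible on this page) is copied into a second byte buffer for every user. If `unicity` only serves as an identity for comparing users, which this page does not show, deriving it from the non-secret fields or from a digest of the encoding would avoid keeping that extra copy around. The commented-out `hyper_rustls` builder and the two `//use` lines should also be dropped rather than committed. If that block is ever revived, note that `.https_or_http()` makes the connector accept plain-HTTP endpoints, whereas `.https_only()` would refuse them.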
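Review bot: `GarageUser` (hunk `-12,23 +43,18`) keeps `#[derive(Clone, Debug)]` while holding both `conf` and `unicity`, so any `{:?}` of it, for instance in a log line or an error context, prints the access key id and whatever other key material `GarageConf` holds, once as fields and once as encoded bytes. Replacing the derived `Debug` with a hand-written impl that prints only non-secret fields, as sketched below, removes that path. The `//@FIXME` above the struct is also partly stale: the type is no longer called a builder, and the shared HTTP client it asks for is what this commit adds, so it should be reworded to the part that remains, `//@FIXME allocate the S3 + K2V clients only once per user instead of on every build()`.

```rust
#[derive(Clone)]
pub struct GarageUser {
    // … unchanged: conf, aws_http, unicity fields …
}

impl std::fmt::Debug for GarageUser {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        // `conf` and `unicity` both carry key material, so only
        // non-secret identifying fields are printed.
        f.debug_struct("GarageUser")
            .field("region", &self.conf.region)
            .field("bucket", &self.conf.bucket)
            .finish_non_exhaustive()
    }
}
```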
@@ -41,6 +67,7 @@ impl IBuilder for GarageBuilder { let sdk_config = aws_config::from_env() .region(aws_config::Region::new(self.conf.region.clone())) .credentials_provider(s3_creds) + .http_client(self.aws_http.clone()) .endpoint_url(self.conf.s3_endpoint.clone()) .load() .await; |
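Review bot: After this change every user's signed S3 requests go through the one client built by `HyperClientBuilder::new().build_https()`, yet nothing visible constrains the scheme of `self.conf.s3_endpoint`, which comes from per-user or per-provider configuration. Whether that client refuses an `http://` endpoint is not visible on this page, so it is worth confirming. If it does not refuse, `GarageRoot::user` is the natural place to reject non-HTTPS `s3_endpoint` and `k2v_endpoint` values unless cleartext is explicitly allowed, for example for local testing. The `.http_client(...)` line is added only to the S3 `sdk_config`; the K2V client is constructed outside this hunk, so it is unclear whether it shares the same client and TLS settings. A short comment on `aws_http` should state which clients are expected to use it.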